93 matches found
CVE-2023-6009 UserPro <= 5.1.4 - Authenticated (Subscriber+) Privilege Escalation
The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userproupdateuserprofile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify...
PT-2023-32472 · WordPress · Userpro
Name of the Vulnerable Software and Affected Versions: UserPro plugin for WordPress versions up to, and including, 5.1.4 Description: The issue allows authenticated attackers with minimal permissions to modify their user role by exploiting insufficient restrictions on the userpro update user...
CVE-2023-4153
The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3devsavebanusersettingscallback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber,...
Authorization
The WP Project Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.6.4 due to insufficient restriction on the 'saveusersmapname' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modif...
CVE-2023-3636 WP Project Manager <= 2.6.4 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation
The WP Project Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.6.4 due to insufficient restriction on the 'saveusersmapname' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modif...
CVE-2023-4293 Premium Packages - Sell Digital Products Securely <= 5.7.4 - Arbitrary User Meta Update to Authenticated (Subscriber+) Privilege Escalation
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmppupdateprofile' function. This makes it possible for authenticated attackers, with minimal...
CVE-2023-4239 Real Estate Manager <= 7.2 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation
The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.2 due to insufficient restriction on the 'remsaveprofilefront' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...
CVE-2023-4140
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the 'getheadervalues' function. This makes it possible for authenticated attackers, with minimal permissions such as an author, if the...
CVE-2023-4140 WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the 'getheadervalues' function. This makes it possible for authenticated attackers, with minimal permissions such as an author, if the...
CVE-2023-4140 WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.9.8 due to insufficient restriction on the 'getheadervalues' function. This makes it possible for authenticated attackers, with minimal permissions such as an author, if the...
Authorization
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rxsetscreenoptions' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their...
CVE-2023-2833 ReviewX <= 1.6.13 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rxsetscreenoptions' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their...
CVE-2023-1874 WP Data Access <= 5.3.7 - Authenticated (Subscriber+) Privilege Escalation
The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...
CVE-2022-4939 WCFM Membership <= 2.10.0 - Unauthenticated Privilege Escalation
THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on the wpajaxnoprivwcfmajaxcontroller AJAX action that controls membership settings. This makes it possible for unauthenticated attackers to...
SUSE CVE-2014-0060
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command...
CVE-2019-14841
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console...
CVE-2022-36803
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. This vulnerability was reported by Jacob Shafer from Bishop Fox...
CVE-2022-36803
The CVE-2022-36803 vulnerability affects Atlassian Jira Align Server prior to version 10.109.2, due to improper access control in the MasterUserEdit API. An authenticated attacker with the People role can use MasterUserEdit to elevate any user’s role to Super Admin. The issue is explicitly tied t...
PT-2022-6074 · Atlassian · Jira Align Server
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Align Server versions prior to 10.109.2 Description: The issue is related to the MasterUserEdit API in Atlassian Jira Align Server, which allows an authenticated attacker with the People role permission to modify any user's rol...
WordPress plugin uListing cross-site request forgery vulnerability
The WordPress plugin uListing is a directory and listing plugin based on Vue.js. The WordPress plugin uListing 2.0.5 and earlier versions are vulnerable to cross-site request forgery. An attacker could exploit the vulnerability to modify user roles...